📣 Follow JR0ch17 on Twitter: https://x.com/jr0ch17
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
Interview with Jasmin “JR0ch17” Landry, a former triager and security manager, now a full-time bug bounty hunter. We discuss bug bounty strategy, mindset, and finding high and critical vulnerabilities.
BBRD podcast is also available on most popular podcast platforms:
https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4
https://music.youtube.com/playlist?list=PLvxs_epf2X91Dn3pWeRxPQSV6SWvWqDE3
https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4
Timestamps:
00:00 Intro
00:37 The road to becoming a full-time bug bounty hunter
20:06 The change in mindset that has landed a lot of highs and crits recently
23:02 SSRFs
24:33 How to test for SSTI?
28:54 Does SQLi still exist in 2025?
35:09 Where to test for XXEs?
41:33 Secondary path traversals
47:40 GraphQL bugs
51:04 The Chromium bug that still allows controlling the referrer policy despite using DOMPurify
53:58 OAuth testing
1:03:41 Automation for a manual hacker